Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.b7e1a...a0.exe

windows7-x64

7

NEAS.b7e1a...a0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2023, 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe

  • Size

    443KB

  • MD5

    b7e1a459cd96781d58dc46a302c5bda0

  • SHA1

    db1201b075297e4a73faf00535164fb65168f665

  • SHA256

    0a0aa68f65311ddf1937dc3c1ad08475e8519953465aab8955248d49d6c78d89

  • SHA512

    2d5443d7acb98044b32146e2c70a33a2c771a41f48d822491e091c33762fe0084a4d21ef199fcaf70089cf13c5864df384cc9bf1685210eb56f14891af71b7b6

  • SSDEEP

    6144:y1Nly1+SGVnjwReY0Iv/s9yLQ/M1ifzDThCDVi30nkUDYWEnr8HGEJSqqIvz2BOH:SDyRhRPvE9yLQ/M1inTcVYUtVuSyI6pQ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1404
    • C:\Users\Admin\AppData\Local\Temp\7DB8.tmp
      "C:\Users\Admin\AppData\Local\Temp\7DB8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe 8580925F512E04CA45E18FDADF3E9C89B5EEA97AC86DA0C0AD38466756A3BC690A4FFCD83CC71EBB06ED7AFCBAD10EA441F7B9A38BE096643D7186AA6A2BB8DC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7DB8.tmp
    Filesize

    443KB

    MD5

    b01fcf531744be0a5f906d36bcf3c148

    SHA1

    1632828b78d32b4ec35424a8de7f387c8cb5aef9

    SHA256

    f6c5fc7d61c32d504169139cec11fcef4824340ca76a6ef25921ac289befe26e

    SHA512

    da443a6d5de01faf95ccb5c645d3dc31e64548b900519e7ac5210cfd7f913707f73a8e256fbe546f38e112fdf854c39ffb2216712e37710ca9b25d24c092d97c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7DB8.tmp
    Filesize

    443KB

    MD5

    b01fcf531744be0a5f906d36bcf3c148

    SHA1

    1632828b78d32b4ec35424a8de7f387c8cb5aef9

    SHA256

    f6c5fc7d61c32d504169139cec11fcef4824340ca76a6ef25921ac289befe26e

    SHA512

    da443a6d5de01faf95ccb5c645d3dc31e64548b900519e7ac5210cfd7f913707f73a8e256fbe546f38e112fdf854c39ffb2216712e37710ca9b25d24c092d97c

    Download Submit